/// <summary> /// Changes password on the server /// </summary> /// <param name = "user">user name</param> /// <param name = "oldpwd">old password</param> /// <param name = "newpwd">new password</param> public void ChangePassword(string user, string oldpwd, string newpwd) { lock (this) { if (Debug.DebugOn) { Debug.WriteLine(Debug.Info, "SamOEMChangePassword"); } var param = new MarshalBuffer(100); int pos = 0; pos += param.SetShortAt(pos, SamOEMChangePassword); // parameter descriptor string pos += param.SetZtAsciiStringAt(pos, "zsT"); // the data descriptor string for the (returned) data which = null string pos += param.SetZtAsciiStringAt(pos, "B516B16"); // user pos += param.SetZtAsciiStringAt(pos, user); // data size pos += param.SetShortAt(pos, 532); param.Size = pos; byte[] data = CifsLogin.GetChangePasswordData(oldpwd, newpwd); SendTransaction(null, "\\PIPE\\LANMAN", param, data, data.Length); var rdata = new MarshalBuffer(100); receiveTransaction(param, rdata); pos = 0; int error = param.GetShortAt(pos); // ignore more data if (error != 0 && error != 234) { throw CifsIoException.getLMException(error); } } // lock }
private void DoNetServerEnum2(string domain, uint types, int level, MarshalBuffer param, MarshalBuffer data) { int pos = 0; pos += param.SetShortAt(pos, NetShareEnum2); // parameter descriptor string pos += param.SetZtAsciiStringAt(pos, "WrLehDz"); // the data descriptor string for the (returned) data switch (level) { case 0: pos += param.SetZtAsciiStringAt(pos, "B16"); break; case 1: pos += param.SetZtAsciiStringAt(pos, "B16BBDz"); break; default: Debug.WriteLine(Debug.Error, "Invalid NetServerEnum2 level"); throw new ApplicationException("doNetServerEnum2"); } // corresponding to the "W": Level 1 pos += param.SetShortAt(pos, level); // buffer size pos += param.SetShortAt(pos, fReturnBufferSize); if (domain == null) { types |= CifsServerInfo.SV_TYPE_DOMAIN_ENUM; } // select types pos += param.SetIntAt(pos, (Int32)types); // domain if (domain != null) { pos += param.SetZtAsciiStringAt(pos, domain); } else { pos += param.SetByteAt(pos, 0); } param.Size = pos; SendTransaction(null, "\\PIPE\\LANMAN", param, null, 0); receiveTransaction(param, data); int error = param.GetShortAt(0); // ignore more data if (error != 0 && error != 234) { throw CifsIoException.getLMException(error); } }
/// <summary> /// Returns detailed information about a particular user /// </summary> /// <param name = "user">User Name</param> /// <returns>user information</returns> public CifsUserInfo GetUserInfo(string user) { if (Debug.DebugOn) { Debug.WriteLine(Debug.Info, "IPC:NetUserGetInfo"); } var param = new MarshalBuffer(100); int pos = 0; pos += param.SetShortAt(pos, NetUserGetInfo); // parameter descriptor string pos += param.SetZtAsciiStringAt(pos, "zWrLh"); // he data descriptor string for the (returned) data which is "B21BzzzWDDzzDDWWzWzDWb21W" pos += param.SetZtAsciiStringAt(pos, "B21BzzzWDDzzDDWWzWzDWb21W"); // user pos += param.SetZtAsciiStringAt(pos, user); // corresponding to the "W" pos += param.SetShortAt(pos, 11); // buffer size pos += param.SetShortAt(pos, fReturnBufferSize); param.Size = pos; SendTransaction(null, "\\PIPE\\LANMAN", param, null, 0); var data = new MarshalBuffer(1000); receiveTransaction(param, data); pos = 0; int error = param.GetShortAt(pos); // ignore more data if (error != 0 && error != 234) { throw CifsIoException.getLMException(error); } pos += 2; // converter int converter = param.GetShortAt(pos); pos += 2; /* A 16 bit number representing the total number of available bytes. * This has meaning only if the return status is NERR_Success or * ERROR_MORE_DATA. Upon success, this number indicates the number of * useful bytes available. Upon failure, this indicates how big the * receive buffer needs to be. */ int bytes = param.GetShortAt(pos); pos += 2; /* * struct user_info_11 { * char usri11_name[21]; * char usri11_pad; * char *usri11_comment; * char *usri11_usr_comment; * char *usri11_full_name; * unsigned short usri11_priv; * unsigned long usri11_auth_flags; * long usri11_password_age; * char *usri11_homedir; * char *usri11_parms; * long usri11_last_logon; * long usri11_last_logoff; * unsigned short usri11_bad_pw_count; * unsigned short usri11_num_logons; * char *usri11_logon_server; * unsigned short usri11_country_code; * char *usri11_workstations; * unsigned long usri11_max_storage; * unsigned short usri11_units_per_week; * unsigned char *usri11_logon_hours; * unsigned short usri11_code_page; * * }; */ if (Debug.DebugOn) { data.debug("NetUserGetInfo data"); } var info = new CifsUserInfo(); pos = 0; // user name for which information is retireved info.UserName = data.GetZtAsciiStringAt(pos, 21); pos += 21; // pad pos++; //comment int ptr = data.GetIntAt(pos) & 0xffff; pos += 4; info.Comment = data.GetZtAsciiStringAt(ptr - converter, bytes); // comment about user ptr = data.GetIntAt(pos) & 0xffff; pos += 4; info.UserComment = data.GetZtAsciiStringAt(ptr - converter, bytes); // full name of the user ptr = data.GetIntAt(pos) & 0xffff; pos += 4; info.FullUserName = data.GetZtAsciiStringAt(ptr - converter, bytes); // level of the privilege assigned to the user info.UserPrivilege = data.GetShortAt(pos); pos += 2; // account operator privileges. info.OperatorPrivileges = data.GetIntAt(pos); pos += 4; // how many seconds have elapsed since the password was last changed. info.PasswordAge = data.GetIntAt(pos) & 0xffffffff; pos += 4; // path name of the user's home directory. ptr = data.GetIntAt(pos) & 0xffff; pos += 4; info.HomeDir = data.GetZtAsciiStringAt(ptr - converter, bytes); // skip usri11_parms pos += 4; // last logon info.fLastLogon = data.GetIntAt(pos) & 0xffffffff; pos += 4; // last logon info.fLastLogoff = data.GetIntAt(pos) & 0xffffffff; pos += 4; // bad logons info.BadLogons = data.GetShortAt(pos); pos += 2; // num logons info.Logons = data.GetShortAt(pos); pos += 2; // logon server ptr = data.GetIntAt(pos) & 0xffff; pos += 4; info.LogonServer = data.GetZtAsciiStringAt(ptr - converter, bytes); return(info); }
/// <summary> /// Returns the list of shares on the computer /// </summary> /// <param name = "sort">if true, the names are sorted</param> /// <returns>list of <code>CifsShareInfo</code> objects</returns> public CifsShareInfo[] ListSharesInfo(bool sort) { lock (this) { if (Debug.DebugOn) { Debug.WriteLine(Debug.Info, "IPC:NetShareEnum"); } var param = new MarshalBuffer(100); int pos = 0; pos += param.SetShortAt(pos, NetShareEnum); // parameter descriptor string pos += param.SetZtAsciiStringAt(pos, "WrLeh"); // The data descriptor string for the (returned) data which is "B13BWz" pos += param.SetZtAsciiStringAt(pos, "B13BWz"); // corresponding to the "W" pos += param.SetShortAt(pos, 1); // buffer size pos += param.SetShortAt(pos, fReturnBufferSize); param.Size = pos; SendTransaction(null, "\\PIPE\\LANMAN", param, null, 0); var data = new MarshalBuffer(1000); receiveTransaction(param, data); pos = 0; int error = param.GetShortAt(pos); // ignore more data if (error != 0 && error != 234) { throw CifsIoException.getLMException(error); } pos += 2; // converter int converter = param.GetShortAt(pos); pos += 2; // number of entries int counter = param.GetShortAt(pos); pos += 2; // number max of entries int maxcounter = param.GetShortAt(pos); /* * The SHARE_INFO_1 structure is defined as: * * struct SHARE_INFO_1 { * char shi1_netname[13] * char shi1_pad; * unsigned short shi1_type * char *shi1_remark; * } * * where: * * shi1_netname contains a null terminated ASCII string that * specifies the share name of the resource. * * shi1_pad aligns the next data strructure element to a word * boundary. * * shi1_type contains an integer that specifies the type of the * shared resource. * * * shi1_remark points to a null terminated ASCII string that contains * a comment abthe shared resource. The value for shi1_remark is null * for ADMIN$ and IPC$ share names. The shi1_remark pointer is a 32 * bit pointer. The higher 16 bits need to be ignored. The converter * word returned in the parameters section needs to be subtracted * from the lower 16 bits to calculate an offset into the return * buffer where this ASCII string resides. * * In case there are multiple SHARE_INFO_1 data structures to return, * the server may put all these fixed length structures in the return * buffer, leave some space and then put all the variable length data * (the actual value of the shi1_remark strings) at the end of the * buffer. */ if (Debug.DebugOn) { data.debug("NetShareEnum data"); } var result = new CifsShareInfo[counter]; CifsShareInfo info; pos = 0; for (int i = 0; i < counter; i++) { info = new CifsShareInfo(fShare.HostName); // shil_netname[13] info.ShareName = data.GetZtAsciiStringAt(pos, 13); pos += 13; pos += 1; // pad // shil_type info.ShareType = data.GetShortAt(pos); pos += 2; // shil_remark int rptr = (data.GetIntAt(pos) & 0xffff); pos += 4; info.Remark = data.GetZtAsciiStringAt(rptr - converter, 255); result[i] = info; } if (sort) { Util.Util.Sort(result, GetShareInfoComparator()); } return(result); } // lock }
/// <summary> /// Set up the session /// </summary> /// <returns>true if ok, false if bad password</returns> private bool DoSessionSetup() { if (Debug.DebugOn) Debug.WriteLine(Debug.Info, "SMB_COM_SESSION_SETUP_ANDX"); byte[] case_sensitive_passwd = null; byte[] case_insensitive_passwd = null; string string_passwd = fShare.Login.Password; SetupSmbMessage(fMsg, SmbMessage.SMB_COM_SESSION_SETUP_ANDX); if (Debug.DebugOn && Debug.DebugLevel >= Debug.Buffer) { Debug.WriteLine(Debug.Buffer, "New SMB Msg:"); Debug.WriteLine(Debug.Buffer, fMsg.getMessageBuffer(), 0, fMsg.getMessageSize()); } if ((fSecurityMode & SM_ENCRYPT_PASSWORDS) != 0) { case_sensitive_passwd = CifsLogin.GetNtAuthData(string_passwd, fEncryptionKey); case_insensitive_passwd = CifsLogin.GetLmAuthData(string_passwd, fEncryptionKey); } else { case_sensitive_passwd = CifsLogin.GetPasswordBytesUnicode(string_passwd); case_insensitive_passwd = CifsLogin.GetPasswordBytesAscii(string_passwd); } /* UCHAR WordCount; Count of parameter words = 13 0: UCHAR AndXCommand; Secondary (X) command; 0xFF = none 1: UCHAR AndXReserved; Reserved (must be 0) 2: USHORT AndXOffset; Offset to next command WordCount 4: USHORT MaxBufferSize; Client's maximum buffer size 6: USHORT MaxMpxCount; Actual maximum multiplexed pending requests 8: USHORT VcNumber; 0 = first (only), nonzero=additional VC number 10:ULONG SessionKey; Session key (valid iff VcNumber != 0) 14:USHORT CaseInsensitivePasswordLength; Account password size, ANSI 16:USHORT CaseSensitivePasswordLength; Account password size, Unicode 18:ULONG Reserved; must be 0 22:ULONG Capabilities; Client capabilities USHORT ByteCount; Count of data bytes; min = 0 UCHAR CaseInsensitivePassword[]; Account Password, ANSI UCHAR CaseSensitivePassword[]; Account Password, Unicode STRING AccountName[]; Account Name, Unicode STRING PrimaryDomain[]; Client's primary domain, Unicode STRING NativeOS[]; Client's native operating system, Unicode STRING NativeLanMan[]; Client's native LAN Manager type, Unicode */ fMsg.setWordCount(13); // AndXCommand fMsg.setByteParameterAt(0, 0xFF); // AndXReserved fMsg.setByteParameterAt(1, 0); // AndXOffset fMsg.setShortParameterAt(2, 0); // MaxBufferSize fMsg.setShortParameterAt(4, CIFS_MAX_BUFFER_SIZE); // MaxMpxCount fMsg.setShortParameterAt(6, 1); // VcNumber fMsg.setShortParameterAt(8, 0); // SessionKey fMsg.setIntParameterAt(10, 0); // CaseInsensitivePasswordLength fMsg.setShortParameterAt(14, case_insensitive_passwd.Length); // CaseSensitivePasswordLength fMsg.setShortParameterAt(16, case_sensitive_passwd.Length); // Reserved fMsg.setIntParameterAt(18, 0); // Capabilities fMsg.setIntParameterAt(22, CAP_UNICODE | CAP_NT_SMBS); var data = new MarshalBuffer(200); int pos = 0; Debug.WriteLine(Debug.Buffer, "Before Ins Pass:"******"After Ins Pass:"******"After Sens Pass:"******"After Acct Name:"); Debug.WriteLine(Debug.Buffer, data.GetBytes(), 0, data.Size); // Primary domain //string pdomain = Environment.GetEnvironmentVariable("CIFSDOMAIN"); // Can this be done better? string pdomain = "?"; // testing -- This works, but the above breaks... why? pos += data.SetZtAsciiStringAt(pos, pdomain); // Native OS pos += data.SetZtAsciiStringAt(pos, ".NET CIFS Client"); data.Size = pos; Debug.WriteLine(Debug.Buffer, "Final data:"); Debug.WriteLine(Debug.Buffer, data.GetBytes(), 0, data.Size); fMsg.setContent(data); if (Debug.DebugOn && Debug.DebugLevel >= Debug.Buffer) { Debug.WriteLine(Debug.Buffer, "Msg to send"); Debug.WriteLine(Debug.Buffer, fMsg.getMessageBuffer(), 0, fMsg.getMessageSize()); } fMsg.SendAndRecieve(fNBTSession, fMsg); if (!fMsg.isResponse()) throw new CifsIoException("PE3"); int errorclass = fMsg.getErrorClass(); if (errorclass != CifsIoException.SUCCESS) { int errorcode = fMsg.getErrorCode(); if ((errorclass == CifsIoException.ERROR_SRV && errorcode == CifsIoException.SRV_BAD_PASSWORD) || (errorclass == CifsIoException.ERROR_DOS && errorcode == CifsIoException.DOS_NO_ACCESS)) return false; throw new CifsIoException(errorclass, errorcode); } fUID = fMsg.getUID(); /* if(Debug.debugOn && Debug.debugLevel >= Debug.INFO) Debug.WriteLine("UID = " + fMsg.getUID()); */ if (fMsg.getWordCount() != 3) return true; /* UCHAR WordCount; Count of parameter words = 3 0: UCHAR AndXCommand; Secondary (X) command; 0xFF = none 1: UCHAR AndXReserved; Reserved (must be 0) 2: USHORT AndXOffset; Offset to next command WordCount 4: USHORT Action; Request mode: bit0 = logged in as GUEST 6: USHORT SecurityBlobLength length of Security Blob that follows in a later field 8: USHORT ByteCount; Count of data bytes UCHAR SecurityBlob[] SecurityBlob of length specified in field SecurityBlobLength STRING NativeOS[]; Server's native operating system STRING NativeLanMan[]; Server's native LAN Manager type STRING PrimaryDomain[]; Server's primary domain */ byte action = fMsg.getByteParameterAt(4); if ((action & 0x01) != 0) fLoggedAsGuest = true; int byte_count = fMsg.getContentSize(); int off = fMsg.getContentOffset(); int max_off = off + byte_count; /* // Skip security blob off += fMsg.getShortParameterAt(6); */ if (off >= max_off) return true; // Read Native OS fServerOS = fMsg.GetZtAsciiStringAt(off, max_off - off); off += fServerOS.Length + 1; if (off >= max_off) return true; // Read NativeLanMan fServerLanMan = fMsg.GetZtAsciiStringAt(off, max_off - off); off += fServerLanMan.Length + 1; if (off >= max_off) return true; // Read Primary Domain fServerPrimaryDomain = fNBTSession.WorkgroupName; return true; }
/// <summary> /// Connects to the tree /// </summary> /// <param name = "password">password</param> /// <returns>true if ok, false if bad password</returns> private bool DoTreeConnect(string password) { if (Debug.DebugOn) Debug.WriteLine(Debug.Info, "SMB_COM_TREE_CONNECT_ANDX"); SetupSmbMessage(fMsg, SmbMessage.SMB_COM_TREE_CONNECT_ANDX); fMsg.setTID(0); /* UCHAR WordCount; Count of parameter words = 4 0: UCHAR AndXCommand; Secondary (X) command; 0xFF = none 1: UCHAR AndXReserved; Reserved (must be 0) 2: USHORT AndXOffset; Offset to next command WordCount 4: USHORT Flags; Additional information bit 0 set = disconnect Tid 6: USHORT PasswordLength; Length of Password[] USHORT ByteCount; Count of data bytes; min = 3 UCHAR Password[]; Password STRING Path[]; Server name and share name STRING Service[]; Service name */ fMsg.setWordCount(4); //AndXCommand fMsg.setByteParameterAt(0, 0xFF); // AndXReserved fMsg.setByteParameterAt(1, 0); // AndXOffset fMsg.setShortParameterAt(2, 0); // Flags fMsg.setShortParameterAt(4, 0); byte[] challenge_response = null; if ((fSecurityMode & SM_ENCRYPT_PASSWORDS) != 0) challenge_response = CifsLogin.GetNtAuthData(password, fEncryptionKey); else challenge_response = Util.Util.GetZtStringBytes(password); //Debug.WriteLine("password="******"A:"; break; case Share.IPC: dev = "IPC"; break; case Share.PRINTER: dev = "LPT1:"; break; default: dev = "A:"; break; } pos += data.SetZtAsciiStringAt(pos, dev); data.Size = pos; fMsg.setContent(data); fMsg.SendAndRecieve(fNBTSession, fMsg); int errorclass = fMsg.getErrorClass(); if (errorclass != CifsIoException.SUCCESS) { int errorcode = fMsg.getErrorCode(); if ((errorclass == CifsIoException.ERROR_SRV && errorcode == CifsIoException.SRV_BAD_PASSWORD) || (errorclass == CifsIoException.ERROR_DOS && errorcode == CifsIoException.DOS_NO_ACCESS)) return false; throw new CifsIoException(errorclass, errorcode); } fUID = fMsg.getUID(); fTID = fMsg.getTID(); return true; }